Change log for GCP_CLOUDSQL
Date | Changes |
---|---|
2024-09-27 | - Mapped "labels._HOSTNAME" to "principal.hostname" and "principl.asset.hostname" for the sqlserver.err logs
- Mapped "textPayload" log field to "metadata.description" for the sqlserver.err logs - Extracted the user from the "textPayload" log field and mapped to "target.user.userid" for the sqlserver.err logs |
2024-09-05 | Enhancement:
- Mapped "resource.labels.cluster_id" to "target.resource.id". - Mapped "labels.CONSUMER_PROJECT" to "target.asset.attribute.cloud.project.id". - Mapped "event_type" to "USER_LOGIN" when "resource_type" is either "cloudsql_database" or "alloydb.googleapis.com/Instance". |
2024-07-19 | Added additional mappings for deprecated noun.labels. |
2024-06-13 | Enhancement:
- Added "gsub" to remove "\n" from the "textPayload" field. |
2024-05-15 | Enhancement:
- Added new Grok patterns to parse "textPayload" field. |
2023-11-29 | - Aligned "principal/target.hostname" and "principal/target.asset.hostname" mapping.
|
2023-11-01 | - Promoted the parser to default.
|